When calling the Cloud API, the service uses the access key to authenticate that the request is valid and also to identify which environment should be used when servicing the request.
Each environment can have up to 3 access keys, each with a unique name.
This enables users to generate a key that can be used by a specific application, and the name can be used to identify which application is using that key.
The multiple access key facility means that the ability to create new keys and retire old keys is entirely user controlled.
The Cloud console shows details of the last time a key was used and provides the ability to disable and delete a key. Before a key is permanently deleted, it is recommended to disable the key to be certain it is not being used.